Fix insufficient sanitization of safe strings in file transfer protocol

Change the spec to restrict safe strings further to avoid such bugs in
other implementations. Reported by Edwin Hoffman.
This commit is contained in:
Kovid Goyal
2023-07-08 09:50:28 +05:30
parent 7d2dc252f1
commit a6a3e5e67d
3 changed files with 16 additions and 5 deletions

View File

@@ -87,7 +87,9 @@ Detailed list of changes
- macOS: Fix window shadows not being drawn for transparent windows (:iss:`2827`, :pull:`6416`)
- Do not echo invalid DECRQSS queries back, behavior inherited from xterm (CVE-2008-2383)
- Do not echo invalid DECRQSS queries back, behavior inherited from xterm (CVE-2008-2383). Similarly, fix an echo
bug in the file transfer protocol due to insufficient sanitization of safe strings.
0.28.1 [2023-04-21]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

View File

@@ -508,7 +508,7 @@ enum
ac=file
safe_string
A string consisting only of characters from the set ``[0-9a-zA-Z_:.,/!@#$%^&*()[]{}~`?"'\\|=+-]``
A string consisting only of characters from the set ``[0-9a-zA-Z_:./@-]``
Note that the semi-colon is missing from this set.
integer